Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.
Every day we offer information about ourselves to strangers. They, in turn, can choose to use this information any way they want. Most of us never give a second thought that companies can analyze our behavior and understand us better than ourselves. We are so focused on using their platforms that we aren't concerned with why they would offer the services for "free".
We've become desensitized to data breaches and how much of our information is publicly available. Beyond that, we're constantly hemorrhaging online information into the hands of companies and strangers on social media. In the EU, citizens have the right to know when companies are collecting their data and invading their privacy. You have probably seen pop-up windows asking for cookie permissions when you visit certain sites. These appear because of the General Data Protection Regulation: sites show them to accommodate the EU rules.
Because we don't have similar regulations to protect our information in the States, it's important that we, as individuals, manage it. We know from the 2018 Cambridge Analytica disclosure how our benign social media behaviors can be collected and manipulated against us. We should learn from these examples and do better. People don't need to break into houses; they have everything they need from the comfort of a keyboard.
To start, we should be protecting ourselves from nefarious entities. We have accounts upon accounts, each with different rules about usernames and passwords, and keeping track of them is nearly impossible.
- This is where password managers come in. Everyone should be using a password manager and that manager should be keeping track of secure passwords for you
- Some of them even tell you when the accounts have been breached
- Most tell you how strong your passwords are and generate better ones
- Choose a password manager that you can use on your computer and as an app on your phone
- Since the only password you have to remember going forward is the password for the password manager, make it something unique but easy to remember
  - like a sentence: FALL is VERY colorful
  - add numbers: F411 15 V3RY c010rfu1
- Password managers can also provide insight into just how many accounts are tied to you. It's very easy to forget about them but the best option is to fully delete (not deactivate) any accounts that are no longer being used.
- We should also leverage opportunities for two-factor authentication when it is available
  - Duo is a great app and can be used agnostic of a device
  - Many people use Google Authenticator, but know that if you lose your phone, you also lose the authenticator
  - There are hardware options, examples being Yubico and CryptoTrust
- If a site is able to email you your actual forgotten password, know that they are not storing their passwords securely. If you forget your password, they should have no access to it and should have to send you a new one.
  - If a site does send you your forgotten password, you should be aware that that login, and any other login using that password, are compromised and should be changed.
At the very minimum, a password manager is a must.
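The point above about emailed passwords comes down to how a site stores them. The sketch below is an added example, not code from any site or product named here: a hypothetical `AccountStore` keeps only a random salt and a PBKDF2 hash, so it can check a login but has nothing to mail back, and a forgotten password is handled with a one-time reset token instead. The class name, method names and iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor for this sketch


class AccountStore:
    """Hypothetical site backend that keeps only salted password hashes."""

    def __init__(self):
        self._records = {}       # username -> (salt, derived key)
        self._reset_tokens = {}  # sha256(token) -> username

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def set_password(self, username, password):
        salt = secrets.token_bytes(16)  # fresh salt on every change
        self._records[username] = (salt, self._derive(password, salt))

    def verify(self, username, password):
        record = self._records.get(username)
        if record is None:
            return False
        salt, stored = record
        # Constant-time comparison of the stored and recomputed hashes
        return hmac.compare_digest(stored, self._derive(password, salt))

    def forgot_password(self, username):
        """Return a one-time token to email; the old password cannot be recovered."""
        if username not in self._records:
            return None
        token = secrets.token_urlsafe(32)
        # Only a hash of the token is kept, so a database dump cannot replay it
        self._reset_tokens[hashlib.sha256(token.encode()).digest()] = username
        return token

    def reset_password(self, token, new_password):
        key = hashlib.sha256(token.encode()).digest()
        username = self._reset_tokens.pop(key, None)  # single use
        if username is None:
            return False
        self.set_password(username, new_password)
        return True

    def stored_fields(self, username):
        """What a database dump would expose for this user."""
        return self._records[username]
```

A site that can send back the original password is keeping it in plaintext or under reversible encryption, which is why a breach of that site exposes every other account where the same password was reused.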
Secure your home network
- Change your router information so it is not the default provided by your ISP
  - Providers have patterns for network naming and passwords that can be easily figured out while also providing strangers with information about your internet setup
  - This includes changing the login information for the admin interface
- Set your router security to WPA2
- Hide your SSID
- Create additional secured networks in your home so even in the case of a compromised device, it's harder to get your information. Many routers support multiple networks or subnets.
  - Networks can also be set up as a form of parental controls
  - Internet connected devices should reside on their own network
  - Create a guest network for visitors
- You can also look into firewalls or VPNs
Next, we should be limiting the amount of data that can be collected about us.
- Messages on your phone and desktop can be sent securely using an application like Signal
- If you are sending sensitive information via email, you should consider encryption like FlowCrypt
- You should block browsers from collecting data while you search
  - DuckDuckGo is a secure browser
  - Privacy Badger is an extension that can be used on browsers that you are already comfortable with
- Delete your Google data
- Delete your social media
  - If you can't bring yourself to sever the tie, at least limit the way you use the platforms. They're not doing any of us any favors.
- Research the internet connected devices you buy. Is the convenience worth the privacy cost?
  - Alexa and Echo are designed to listen to everything you say and wait for a wake word
  - Ring is directly partnered with the police, sends information to other third parties, and has had data breaches
  - Even smart light bulbs hold more information than just 'on' and 'off'
Lastly, we should be actively removing data that already exists on the internet.
- Lifehacker has a basic guide for doing this
- Intel Techniques has a really comprehensive workbook